Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Countdown and CountUp WooCommerce Sales Timer Cross-Site Request Forgery - CVE-2021-34636 - Vulnerability Database
WP Plugin Countdown Wpdevart Extended

WordPress Plugin Countdown and CountUp WooCommerce Sales Timer Cross-Site Request Forgery - CVE-2021-34636

High
Reference: CVE-2021-34636
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-34636
Title: WordPress Plugin Countdown and CountUp WooCommerce Sales Timer Cross-Site Request Forgery
Overview:

WordPress Plugin Countdown and CountUp WooCommerce Sales Timer is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application other attacks are also possible. WordPress Plugin Countdown and CountUp WooCommerce Sales Timer version 1.5.7 is vulnerable prior versions may also be affected.